The 2014 GRC Technology Innovation Awards was filled with competition. Nominations increased to 62 over last year’s awards, and fifteen winners were selected. GRC 20/20 looked through all of the submissions, asked for clarification where needed, and selected 15 recipients that demonstrated outside the box thinking in taking GRC in new directions to receive this year’s award.
ERP Maestro Delivers Automated Controls Through the Cloud
Automated Segregation of Duty and Access Control solutions are known to be exorbitantly expensive and take a considerable amount of consulting resources and time to implement. Requiring large software fees, hardware costs, consultant fees and complex training projects, and being overcome by large organizations; they remain a challenge today for organizations of all sizes, particularly the small to medium sized organizations.
ERP Maestro’s Access Analyzer™ solution provides Segregation of Duty and Sensitive Access Analytics and reporting over a completely cloud based architecture. Their unique utilization overlay reporting graphically identifies risks and remediation paths. With a cloud based delivery mechanism of an Access Controls solution, not a hosted solution technology, customers receive cost benefits of a multi-tenant environment and the exclusivity and security of a dedicated server. The cost savings associated with on demand allocation of servers is passed on to the subscribing customer, allowing small to medium enterprises to afford an enterprise Access Control solution.
The solution is truly innovative as it pools a massive amount of cloud resources to provide on demand server allocation as a dedicated server when needed by the client, while dormant servers are deactivated or recycled to other customers. The solution is contained within a deployment that dynamically grows and shrinks based on its demand (number of organizations using the system).
Interestingly, this can also serve as a bridge for companies implementing SAP GRC10. Large companies want a stopgap solution for the complex implementation process that represents GRC10. Some companies are waiting for budget approvals and/or developing a business case. ERP Maestro’s solution price point allows it to serve as that stopgap solution to address SoD needs until the major SAP GRC solution is implemented.
The model is of particular interest to small and medium sized organization that can now afford the implementation of an enterprise Access Control Solution because of ERP Maestro’s model. The entire process is no longer expensive, complex and drawn out, allowing funds to be focused on remediation efforts. The simplicity of their subscription-based service empowers companies that traditionally would not pursue an Access Controls solution, to now proliferate the capability and manage the risk of Segregation of Duties more effectively.
End users have anywhere, anytime access to a web interface that allows them to connect to their ERP system (SAP is the only ERP currently supported by ERP Maestro). The data is securely analyzed using an on demand, dedicated server located in a server farm, then the results are compiled in to multiple reports for consumption. While cloud technology isn’t new, ERP Maestro’s ability to process analytics on hundreds/thousands of client simultaneously based on it’ analytics engine is indeed new and innovative technology which empowers them to offer a premium service, at a low subscription fee.
To learn more about the GRC 20/20 2014 GRC Innovation Awards and other recipients, please visit this post: GRC 20/20 Announces 2014 GRC Innovation Award Recipients